Commit ecc334123ee0e8e24c630a49efd18568d2fe6531
1 parent
ad9b3856
Exists in
master
and in
3 other branches
Adding method to get the presented peer certificate as text.
Showing
3 changed files
with
37 additions
and
3 deletions
Show diff stats
src/include/lib3270.h
| @@ -530,7 +530,9 @@ | @@ -530,7 +530,9 @@ | ||
| 530 | */ | 530 | */ |
| 531 | LIB3270_EXPORT const char * lib3270_get_ssl_state_description(H3270 *hSession); | 531 | LIB3270_EXPORT const char * lib3270_get_ssl_state_description(H3270 *hSession); |
| 532 | 532 | ||
| 533 | - LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession); | 533 | + LIB3270_EXPORT char * lib3270_get_ssl_crl_text(H3270 *hSession); |
| 534 | + LIB3270_EXPORT char * lib3270_get_ssl_peer_certificate_text(H3270 *hSession); | ||
| 535 | + | ||
| 534 | 536 | ||
| 535 | /** | 537 | /** |
| 536 | * @brief Get service or port for the connect/reconnect operations. | 538 | * @brief Get service or port for the connect/reconnect operations. |
src/lib3270/properties.c
| @@ -37,6 +37,9 @@ | @@ -37,6 +37,9 @@ | ||
| 37 | #include <lib3270.h> | 37 | #include <lib3270.h> |
| 38 | #include <lib3270/properties.h> | 38 | #include <lib3270/properties.h> |
| 39 | 39 | ||
| 40 | +#if defined(HAVE_LIBSSL) | ||
| 41 | + #include <openssl/ssl.h> | ||
| 42 | +#endif | ||
| 40 | 43 | ||
| 41 | static int lib3270_get_connection_state_as_int(H3270 *hSession) | 44 | static int lib3270_get_connection_state_as_int(H3270 *hSession) |
| 42 | { | 45 | { |
| @@ -634,7 +637,7 @@ LIB3270_EXPORT int lib3270_get_secure_host(H3270 *hSession) | @@ -634,7 +637,7 @@ LIB3270_EXPORT int lib3270_get_secure_host(H3270 *hSession) | ||
| 634 | 637 | ||
| 635 | } | 638 | } |
| 636 | 639 | ||
| 637 | -LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession) | 640 | +LIB3270_EXPORT char * lib3270_get_ssl_crl_text(H3270 *hSession) |
| 638 | { | 641 | { |
| 639 | #ifdef SSL_ENABLE_CRL_CHECK | 642 | #ifdef SSL_ENABLE_CRL_CHECK |
| 640 | 643 | ||
| @@ -664,3 +667,32 @@ LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession) | @@ -664,3 +667,32 @@ LIB3270_EXPORT char * lib3270_get_crl_text(H3270 *hSession) | ||
| 664 | 667 | ||
| 665 | return NULL; | 668 | return NULL; |
| 666 | } | 669 | } |
| 670 | + | ||
| 671 | +LIB3270_EXPORT char * lib3270_get_ssl_peer_certificate_text(H3270 *hSession) | ||
| 672 | +{ | ||
| 673 | +#ifdef HAVE_LIBSSL | ||
| 674 | + if(hSession->ssl.con) | ||
| 675 | + { | ||
| 676 | + X509 * peer = SSL_get_peer_certificate(hSession->ssl.con); | ||
| 677 | + if(peer) | ||
| 678 | + { | ||
| 679 | + BIO * out = BIO_new(BIO_s_mem()); | ||
| 680 | + unsigned char * data; | ||
| 681 | + unsigned char * text; | ||
| 682 | + int n; | ||
| 683 | + | ||
| 684 | + X509_print(out,peer); | ||
| 685 | + | ||
| 686 | + n = BIO_get_mem_data(out, &data); | ||
| 687 | + text = (unsigned char *) lib3270_malloc(n+1); | ||
| 688 | + text[n] ='\0'; | ||
| 689 | + memcpy(text,data,n); | ||
| 690 | + BIO_free(out); | ||
| 691 | + | ||
| 692 | + return (char *) text; | ||
| 693 | + } | ||
| 694 | + } | ||
| 695 | +#endif // HAVE_LIBSSL | ||
| 696 | + | ||
| 697 | + return NULL; | ||
| 698 | +} |
src/lib3270/ssl/ctx_init.c
| @@ -135,7 +135,7 @@ int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE * message) | @@ -135,7 +135,7 @@ int ssl_ctx_init(H3270 *hSession, SSL_ERROR_MESSAGE * message) | ||
| 135 | 135 | ||
| 136 | if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE)) | 136 | if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE)) |
| 137 | { | 137 | { |
| 138 | - lib3270_autoptr(char) text = lib3270_get_crl_text(hSession); | 138 | + lib3270_autoptr(char) text = lib3270_get_ssl_crl_text(hSession); |
| 139 | 139 | ||
| 140 | if(text) | 140 | if(text) |
| 141 | trace_ssl(hSession,"\n%s\n",text); | 141 | trace_ssl(hSession,"\n%s\n",text); |